Full Disclosure mailing list archives
Re: [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability]
From: Michael Renzmann <security () dylanic de>
Date: Thu, 04 Dec 2003 07:52:57 +0100
Hi. Jonathan A. Zdziarski wrote:
In a lot of cases, this would only be exploitable internally, since manyconfigurations are set up not to allow access to the unit externally.
What do you mean with "externally"? WLAN? Internet?I don't know this particular device, but I know that lots of other Access Points that have a web interface regard any request from WLAN as being internal. If this is also the case for the WRT54G, the attack can be made from anyone who is in reach of the Access Point as described in the vulnerability report.
But in any case, there are a lot of other ways to DoS these little residential boxes. Running macof (part of the dsniff package) will effectively shut down all traffic on the network. I'm sure arpspoof without forwarding would do the same thing. I'm surprised these things don't support something as basic as SSL for authentication (at least the model I've got doesn't)
WRT54G is said to have an https? Or do you mean SSL for authentication of users before they can access anything on (or behind) the network the Access Point is attached to?
Bye, Mike _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability] Michael Renzmann (Dec 03)
- Re: [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability] Jonathan A. Zdziarski (Dec 03)
- Re: [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability] Michael Renzmann (Dec 03)
- Re: [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability] Jonathan A. Zdziarski (Dec 03)
- Re: [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability] Tim (Dec 04)
- Re: [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability] Michael Renzmann (Dec 03)
- Re: [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability] kang () insecure ws (Dec 04)
- Re: [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability] Jonathan A. Zdziarski (Dec 03)